18 of 18 ISO/IEC 27001 Jobs in South Wales

Job Advert: Contract Cyber Engineer (DV Cleared) ?? Newport | ?? 6-month contract + likely extension ?? Fully onsite | ?? Up to £90 per hour (Umbrella) ?? DV Clearance required / British Nationals only We're recruiting for an experienced Contract Cyber Engineer to join a major defence cyber security function. This role is ideal for someone who enjoys hands-on technical problem solving … strong communication skills and the ability to work across engineering, operations, and cyber security functions. What You'll Need (Essential) Strong working knowledge of core SOC tooling e.g. SIEM / Splunk, IDPS, Email / Web security, Firewalls Hands-on experience with Cisco ASR, Palo Alto or Fortinet firewalls Excellent understanding of network technologies (LAN / WAN, routing … scripting or programming (PowerShell, Python, Bash etc.) Experience with Windows Server and RedHat (RHEL) administration, including CIS hardening Desirable Skills Experience with any of the following is beneficial: vCenter / VMware ESXi / vSAN Nessus / Tenable SQL / MariaDB CheckMK, Jira, Syslog management Patch management (WSUS etc.) AD / LDAP / PAM Backup More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO / IEC 27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯

of projects from the System Design team into the SOC operations ensuring impact analysis, capacity and availability management are considered prior to accepting new projects. You will also mentor / oversee members of the SOC Engineering team, ensuring all operational tasks are completed and work tickets updated / closed on time. Responsibilities - Support SOC Engineers & Analyst activity - Supports … activity - Toolset availability and capacity management review and escalation - Maintain currency in security concepts, tools and best practices - Engagement with the R&D Cyber Defence Centre for Cyber Solutions / Products Skill Set Essential - Good knowledge of multiple SOC tooling including IDPS / Firewalls / SIEM / Splunk / Email & Web Protection etc. - Experience of … implementing and fault finding Firewall technologies including Cisco ASR / Palo Alto / Fortinet - Excellent understanding of network technologies - Experience of Scripting and programming - Experience of Windows and RedHat server systems and implementation of CIS hardening Desirable Knowledge of some of the following would be advantageous: vCenter Nessus Tenable Fortinet Patching (applications, WSUS) Jira Windows 11, Server More ❯

third-party suppliers to maintain service quality. Use data and analytics to identify trends and drive service improvements. Lead and support continuous service improvement initiatives. Ensure compliance with ISO standards (ISO 27001, ISO 20000) and GDPR. Mentor and guide service delivery team members, helping to set high standards for customer service. Oversee More ❯

third-party suppliers to maintain service quality. Use data and analytics to identify trends and drive service improvements. Lead and support continuous service improvement initiatives. Ensure compliance with ISO standards (ISO 27001, ISO 20000) and GDPR. Mentor and guide service delivery team members, helping to set high standards for customer service. Oversee More ❯

management Strong communication skills in English Degree in Cyber Security, Computer Science, or a related field Bonus Points For: Industry certifications (eg, CISSP, CISM, CEH, ITIL) Familiarity with ISO 27001, SOC2, GDPR, or NIST … frameworks Experience with cloud infrastructure security (AWS, GCP, Azure) Background in tech, digital media, or regulated industries Whats in It for You? Flexible hybrid work setup within an EU / EMEA timezone Competitive benefits package including private health insurance and annual performance bonus Professional development in a globally recognized and innovation-driven organization A collaborative culture with regular team More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯

is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯

Life Support and subsequent BAU Grow a culture that celebrates success based on customer insight and performance. Governance, Risk & Compliance Ensure operational policies and procedures align with ITIL, ISO, GDPR, and other relevant frameworks. Maintain clear audit trails, SLA adherence, and service reporting Requirements What we are looking for? Essential: Proven experience leading a Managed Services or IT … communication skills across written, verbal, and presentation formats, including high-stakes incident or escalation scenarios. Proficiency in ITSM and PSA tools (e.g. Autotask, ServiceNow) and interpreting data from ticketing / reporting platforms. Budget management and resource planning experience, including rota development and capacity forecasting. Strong technical literacy across common service desk technologies (Microsoft 365, remote desktop tools, networking basics … or Strategic Leader level. Experience introducing or managing automation, AI-enhanced triage, or self-service platforms in a service desk setting. Familiarity with RMM platforms and integrations into PSA / ITSM tools. Benefits Who are we? Aro has 25 years' experience in Collaboration, Connectivity, Cloud and Infrastructure and Cyber Security services both in the UK and Internationally and has More ❯

with clients and internal project managers. Responsible for delivering CE, CE+ audits, remediations and certification Lead and support the implementation of security controls, monitoring, and incident response processes. Conduct / facilitate vulnerability assessments, penetration testing, and risk analysis to identify and remediate threats. Maintain and improve security documentation, including policies, procedures, and incident reports. Be part of a team … security best practices. Support the installation and configuration of security software and hardware, including firewalls, endpoint protection, and SIEM tools. Ensure compliance with relevant standards and frameworks (e.g., ISO 27001, Cyber Essentials). Mentor and support the growth of aspiring cyber security professionals within the team. Work with 3rdparty security providers to ensure partners technology systems More ❯

work. Experience & Skills: 1–3 years of experience in cyber security, ideally within MSSP or consulting environments. Exposure to incident response processes and frameworks such as NIST CSF, ISO 27001, and MITRE ATT&CK. Strong analytical and problem-solving skills with attention to detail. Effective communication skills, capable of engaging with both technical and non-technical More ❯

security architecture function and contribute to the development of a multi-year Cyber Security Strategy. Key Responsibilities Define and embed Security Architecture Principles across all projects and changes. Develop ISO27001-compliant Security Policies and an ISMS. Create Reference Architecture and models for Identity Management and Privileged Account Management. Contribute to the redevelopment and testing of the Security Incident Response Plan More ❯

security architecture function and contribute to the development of a multi-year Cyber Security Strategy. Key Responsibilities Define and embed Security Architecture Principles across all projects and changes. Develop ISO27001-compliant Security Policies and an ISMS. Create Reference Architecture and models for Identity Management and Privileged Account Management. Contribute to the redevelopment and testing of the Security Incident Response Plan More ❯

and mentor a team of Infrastructure Engineers and DevOps specialists. You'll define and implement infrastructure and DevOps roadmaps, oversee cloud environments (AWS & Azure), and drive automation through CI / CD pipelines and Infrastructure as Code. Your responsibilities include: Leading improvements in AWS & Azure environments (EKS … VPC, IAM, RDS, Azure Firewall, Azure AD, Defender for Cloud). Managing container orchestration (Kubernetes) and serverless functions. Ensuring high availability, disaster recovery, and cost optimisation. Driving security compliance (ISO27001, GDPR) and risk mitigation. Collaborating with service delivery, development, product, and security teams. What you'll need to succeed Proven leadership experience in infrastructure and DevOps (2+ years). Strong … expertise in AWS architecture and Infrastructure as Code (Terraform / CloudFormation). Hands-on experience with CI / CD, containerisation (Docker / Kubernetes), and automation. Advanced understanding of networking, security, and cloud operations. Familiarity with monitoring tools (CloudWatch, Prometheus, ELK). Excellent problem-solving and stakeholder management skills. Relevant IT qualification or equivalent experience. Desirable: AWS certifications More ❯

and mentor a team of Infrastructure Engineers and DevOps specialists. You'll define and implement infrastructure and DevOps roadmaps, oversee cloud environments (AWS & Azure), and drive automation through CI / CD pipelines and Infrastructure as Code. Your responsibilities include: Leading improvements in AWS & Azure environments (EKS … VPC, IAM, RDS, Azure Firewall, Azure AD, Defender for Cloud). Managing container orchestration (Kubernetes) and serverless functions. Ensuring high availability, disaster recovery, and cost optimisation. Driving security compliance (ISO27001, GDPR) and risk mitigation. Collaborating with service delivery, development, product, and security teams. What you'll need to succeed Proven leadership experience in infrastructure and DevOps (2+ years). Strong … expertise in AWS architecture and Infrastructure as Code (Terraform / CloudFormation). Hands-on experience with CI / CD, containerisation (Docker / Kubernetes), and automation. Advanced understanding of networking, security, and cloud operations. Familiarity with monitoring tools (CloudWatch, Prometheus, ELK). Excellent problem-solving and stakeholder management skills. Relevant IT qualification or equivalent experience. Desirable: AWS certifications More ❯

and mentor a team of Infrastructure Engineers and DevOps specialists. You'll define and implement infrastructure and DevOps roadmaps, oversee cloud environments (AWS & Azure), and drive automation through CI / CD pipelines and Infrastructure as Code. Your responsibilities include: Leading improvements in AWS & Azure environments (EKS … VPC, IAM, RDS, Azure Firewall, Azure AD, Defender for Cloud). Managing container orchestration (Kubernetes) and serverless functions. Ensuring high availability, disaster recovery, and cost optimisation. Driving security compliance (ISO27001, GDPR) and risk mitigation. Collaborating with service delivery, development, product, and security teams. What you'll need to succeed Proven leadership experience in infrastructure and DevOps (2+ years). Strong … expertise in AWS architecture and Infrastructure as Code (Terraform / CloudFormation). Hands-on experience with CI / CD, containerisation (Docker / Kubernetes), and automation. Advanced understanding of networking, security, and cloud operations. Familiarity with monitoring tools (CloudWatch, Prometheus, ELK). Excellent problem-solving and stakeholder management skills. Relevant IT qualification or equivalent experience. Desirable: AWS certifications More ❯

etc.) Security Controls: Implement and maintain security controls, continuously improving detection, prevention, and remediation. Vendor Risk & Audit: Conduct vendor risk assessments, support internal and external audits (e.g. Cyber Essentials, ISO27001), and manage remediation actions. Cyber Security Program: Support the execution of the UK Cyber Security Program, contributing to the implementation of key security initiatives and enhancements aligned with UK business … security operations, engineering, or cyber threat management. Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls, and network security. Hands-on experience in security control implementation and maintenance (e.g. ISO27001, Cyber Essentials). Familiarity with MITRE ATT&CK, incident response methodologies, and penetration testing. Experience in risk management, vendor security assessments, and compliance. Understanding of UK regulations, including Cyber Essentials … ISO27001, NIST CSF, and GDPR. Ability to support internal / external audits and drive remediation efforts. UK Permanent Residency or Citizenship Required More ❯